@enjoys/context-engine 1.0.4 → 1.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/data/commands/journalctl.json +203 -66
  2. package/data/commands/manifest.json +6 -2
  3. package/data/commands/systemctl.json +800 -23
  4. package/data/commands/systemd-analyze.json +239 -0
  5. package/data/commands/zsh.json +166 -0
  6. package/data/completion/nginx.json +561 -77
  7. package/data/completion/systemd.json +795 -47
  8. package/data/completion/zsh.json +829 -70
  9. package/data/defination/nginx.json +416 -32
  10. package/data/defination/systemd.json +538 -56
  11. package/data/defination/zsh.json +323 -86
  12. package/data/hover/nginx.json +59 -17
  13. package/data/hover/systemd.json +42 -7
  14. package/data/hover/zsh.json +44 -9
  15. package/package.json +2 -2
package/data/completion/nginx.json CHANGED
@@ -1,6 +1,28 @@
1
1
  {
2
2
  "language": "nginx",
3
3
  "completions": [
4
+ {
5
+ "label": "http block",
6
+ "kind": 15,
7
+ "detail": "HTTP block",
8
+ "documentation": {
9
+ "value": "Top-level block for HTTP server configuration."
10
+ },
11
+ "insertText": "http {\n include mime.types;\n default_type application/octet-stream;\n sendfile on;\n keepalive_timeout 65;\n\n ${1:# server blocks}\n}",
12
+ "insertTextRules": 4,
13
+ "sortText": "00_http"
14
+ },
15
+ {
16
+ "label": "events block",
17
+ "kind": 15,
18
+ "detail": "Events block",
19
+ "documentation": {
20
+ "value": "Configure connection processing."
21
+ },
22
+ "insertText": "events {\n worker_connections ${1:1024};\n multi_accept on;\n use epoll;\n}",
23
+ "insertTextRules": 4,
24
+ "sortText": "00_events"
25
+ },
4
26
  {
5
27
  "label": "server block",
6
28
  "kind": 15,
@@ -12,6 +34,28 @@
12
34
  "insertTextRules": 4,
13
35
  "sortText": "00_server"
14
36
  },
37
+ {
38
+ "label": "server block HTTPS",
39
+ "kind": 15,
40
+ "detail": "HTTPS Server",
41
+ "documentation": {
42
+ "value": "Full HTTPS server block with SSL, security headers, and HTTP/2."
43
+ },
44
+ "insertText": "server {\n listen 443 ssl http2;\n listen [::]:443 ssl http2;\n server_name ${1:example.com};\n\n ssl_certificate /etc/letsencrypt/live/${1:example.com}/fullchain.pem;\n ssl_certificate_key /etc/letsencrypt/live/${1:example.com}/privkey.pem;\n ssl_protocols TLSv1.2 TLSv1.3;\n ssl_ciphers HIGH:!aNULL:!MD5;\n ssl_prefer_server_ciphers on;\n ssl_session_cache shared:SSL:10m;\n ssl_session_timeout 1d;\n\n add_header Strict-Transport-Security \"max-age=63072000\" always;\n add_header X-Frame-Options DENY;\n add_header X-Content-Type-Options nosniff;\n\n root /var/www/${1:example.com}/html;\n index index.html;\n\n location / {\n try_files \\$uri \\$uri/ =404;\n }\n}",
45
+ "insertTextRules": 4,
46
+ "sortText": "00_serverhttps"
47
+ },
48
+ {
49
+ "label": "HTTP to HTTPS redirect",
50
+ "kind": 15,
51
+ "detail": "Force HTTPS",
52
+ "documentation": {
53
+ "value": "Redirect all HTTP traffic to HTTPS."
54
+ },
55
+ "insertText": "server {\n listen 80;\n listen [::]:80;\n server_name ${1:example.com} www.${1:example.com};\n return 301 https://\\$host\\$request_uri;\n}",
56
+ "insertTextRules": 4,
57
+ "sortText": "00_redirect_https"
58
+ },
15
59
  {
16
60
  "label": "location block",
17
61
  "kind": 15,
@@ -23,6 +67,50 @@
23
67
  "insertTextRules": 4,
24
68
  "sortText": "00_location"
25
69
  },
70
+ {
71
+ "label": "location exact",
72
+ "kind": 15,
73
+ "detail": "Exact match location",
74
+ "documentation": {
75
+ "value": "Exact URI match — highest priority."
76
+ },
77
+ "insertText": "location = ${1:/} {\n ${2:return 200 'OK';}\n}",
78
+ "insertTextRules": 4,
79
+ "sortText": "00_location_exact"
80
+ },
81
+ {
82
+ "label": "location regex",
83
+ "kind": 15,
84
+ "detail": "Regex location",
85
+ "documentation": {
86
+ "value": "Case-sensitive regex URI match."
87
+ },
88
+ "insertText": "location ~ ${1:\\.php$} {\n ${2:fastcgi_pass unix:/run/php/php-fpm.sock;}\n}",
89
+ "insertTextRules": 4,
90
+ "sortText": "00_location_regex"
91
+ },
92
+ {
93
+ "label": "location regex case-insensitive",
94
+ "kind": 15,
95
+ "detail": "Case-insensitive regex",
96
+ "documentation": {
97
+ "value": "Case-insensitive regex URI match."
98
+ },
99
+ "insertText": "location ~* ${1:\\.(jpg|jpeg|png|gif|ico|css|js)$} {\n expires ${2:30d};\n add_header Cache-Control \"public, immutable\";\n}",
100
+ "insertTextRules": 4,
101
+ "sortText": "00_location_regexci"
102
+ },
103
+ {
104
+ "label": "location prefix priority",
105
+ "kind": 15,
106
+ "detail": "Prefix priority ^~",
107
+ "documentation": {
108
+ "value": "Prefix match that takes priority over regex."
109
+ },
110
+ "insertText": "location ^~ ${1:/static/} {\n alias ${2:/var/www/static/};\n expires 30d;\n}",
111
+ "insertTextRules": 4,
112
+ "sortText": "00_location_prefix"
113
+ },
26
114
  {
27
115
  "label": "upstream block",
28
116
  "kind": 15,
@@ -30,10 +118,43 @@
30
118
  "documentation": {
31
119
  "value": "Define a group of backend servers for load balancing."
32
120
  },
33
- "insertText": "upstream ${1:backend} {\n server ${2:127.0.0.1:8001};\n server ${3:127.0.0.1:8002};\n}",
121
+ "insertText": "upstream ${1:backend} {\n ${2:least_conn;}\n server ${3:127.0.0.1:8001};\n server ${4:127.0.0.1:8002};\n server ${5:127.0.0.1:8003} backup;\n}",
34
122
  "insertTextRules": 4,
35
123
  "sortText": "00_upstream"
36
124
  },
125
+ {
126
+ "label": "upstream ip_hash",
127
+ "kind": 15,
128
+ "detail": "Sticky sessions upstream",
129
+ "documentation": {
130
+ "value": "IP hash load balancing for session persistence."
131
+ },
132
+ "insertText": "upstream ${1:backend} {\n ip_hash;\n server ${2:10.0.0.1:8080};\n server ${3:10.0.0.2:8080};\n server ${4:10.0.0.3:8080};\n}",
133
+ "insertTextRules": 4,
134
+ "sortText": "00_upstream_iphash"
135
+ },
136
+ {
137
+ "label": "map block",
138
+ "kind": 15,
139
+ "detail": "Map block",
140
+ "documentation": {
141
+ "value": "Create a variable whose value depends on another variable."
142
+ },
143
+ "insertText": "map \\$${1:uri} \\$${2:new} {\n default 0;\n ~^/old/(.*) /new/\\$1;\n}",
144
+ "insertTextRules": 4,
145
+ "sortText": "00_map"
146
+ },
147
+ {
148
+ "label": "geo block",
149
+ "kind": 15,
150
+ "detail": "Geo block",
151
+ "documentation": {
152
+ "value": "Create variables based on client IP address."
153
+ },
154
+ "insertText": "geo \\$${1:blocked} {\n default 0;\n ${2:10.0.0.0/8} 1;\n ${3:192.168.0.0/16} 1;\n}",
155
+ "insertTextRules": 4,
156
+ "sortText": "00_geo"
157
+ },
37
158
  {
38
159
  "label": "listen",
39
160
  "kind": 14,
@@ -48,233 +169,596 @@
48
169
  {
49
170
  "label": "listen 443 ssl",
50
171
  "kind": 14,
51
- "detail": "Listen HTTPS",
172
+ "detail": "Listen SSL",
52
173
  "documentation": {
53
- "value": "Listen on port 443 with SSL/TLS enabled."
174
+ "value": "Listen on HTTPS port with SSL."
54
175
  },
55
- "insertText": "listen 443 ssl;\nssl_certificate ${1:/etc/ssl/certs/cert.pem};\nssl_certificate_key ${2:/etc/ssl/private/key.pem};",
176
+ "insertText": "listen 443 ssl http2;\nlisten [::]:443 ssl http2;",
56
177
  "insertTextRules": 4,
57
178
  "sortText": "01_listen_ssl"
58
179
  },
180
+ {
181
+ "label": "listen unix socket",
182
+ "kind": 14,
183
+ "detail": "Listen on Unix socket",
184
+ "documentation": {
185
+ "value": "Listen on a Unix domain socket."
186
+ },
187
+ "insertText": "listen unix:${1:/var/run/nginx.sock};",
188
+ "insertTextRules": 4,
189
+ "sortText": "01_listen_unix"
190
+ },
59
191
  {
60
192
  "label": "server_name",
61
193
  "kind": 14,
62
194
  "detail": "Server name",
63
195
  "documentation": {
64
- "value": "Set the virtual host names this server block responds to."
196
+ "value": "Set virtual server domain names."
65
197
  },
66
- "insertText": "server_name ${1:example.com www.example.com};",
198
+ "insertText": "server_name ${1:example.com} www.${1:example.com};",
67
199
  "insertTextRules": 4,
68
- "sortText": "01_servername"
200
+ "sortText": "01_server_name"
69
201
  },
70
202
  {
71
203
  "label": "root",
72
204
  "kind": 14,
73
205
  "detail": "Document root",
74
206
  "documentation": {
75
- "value": "Set the root directory for serving static files."
207
+ "value": "Set the root directory for requests."
76
208
  },
77
209
  "insertText": "root ${1:/var/www/html};",
78
210
  "insertTextRules": 4,
79
211
  "sortText": "01_root"
80
212
  },
213
+ {
214
+ "label": "alias",
215
+ "kind": 14,
216
+ "detail": "Alias directive",
217
+ "documentation": {
218
+ "value": "Replace location path prefix with specified path."
219
+ },
220
+ "insertText": "alias ${1:/var/www/static/};",
221
+ "insertTextRules": 4,
222
+ "sortText": "01_alias"
223
+ },
81
224
  {
82
225
  "label": "index",
83
226
  "kind": 14,
84
227
  "detail": "Index files",
85
228
  "documentation": {
86
- "value": "Define the default files to serve when a directory is requested."
229
+ "value": "Define default files to serve."
87
230
  },
88
231
  "insertText": "index ${1:index.html index.htm};",
89
232
  "insertTextRules": 4,
90
233
  "sortText": "01_index"
91
234
  },
235
+ {
236
+ "label": "autoindex",
237
+ "kind": 14,
238
+ "detail": "Directory listing",
239
+ "documentation": {
240
+ "value": "Enable or disable directory listing."
241
+ },
242
+ "insertText": "autoindex ${1:on};",
243
+ "insertTextRules": 4,
244
+ "sortText": "01_autoindex"
245
+ },
246
+ {
247
+ "label": "error_page",
248
+ "kind": 14,
249
+ "detail": "Error page",
250
+ "documentation": {
251
+ "value": "Define custom error pages."
252
+ },
253
+ "insertText": "error_page ${1:404} /${2:404.html};\nerror_page 500 502 503 504 /${3:50x.html};",
254
+ "insertTextRules": 4,
255
+ "sortText": "01_error_page"
256
+ },
92
257
  {
93
258
  "label": "proxy_pass",
94
259
  "kind": 14,
95
260
  "detail": "Reverse proxy",
96
261
  "documentation": {
97
- "value": "Forward requests to a backend server (reverse proxy)."
262
+ "value": "Forward requests to a backend server."
98
263
  },
99
- "insertText": "proxy_pass http://${1:localhost}:${2:3000};",
264
+ "insertText": "proxy_pass http://${1:localhost:3000};",
100
265
  "insertTextRules": 4,
101
- "sortText": "01_proxy"
266
+ "sortText": "02_proxy"
267
+ },
268
+ {
269
+ "label": "proxy full config",
270
+ "kind": 15,
271
+ "detail": "Full proxy setup",
272
+ "documentation": {
273
+ "value": "Complete reverse proxy configuration with headers and timeouts."
274
+ },
275
+ "insertText": "proxy_pass http://${1:backend};\nproxy_http_version 1.1;\nproxy_set_header Host \\$host;\nproxy_set_header X-Real-IP \\$remote_addr;\nproxy_set_header X-Forwarded-For \\$proxy_add_x_forwarded_for;\nproxy_set_header X-Forwarded-Proto \\$scheme;\nproxy_connect_timeout ${2:60}s;\nproxy_send_timeout ${3:60}s;\nproxy_read_timeout ${4:60}s;\nproxy_buffering on;\nproxy_buffer_size 128k;\nproxy_buffers 4 256k;",
276
+ "insertTextRules": 4,
277
+ "sortText": "02_proxy_full"
102
278
  },
103
279
  {
104
280
  "label": "proxy_set_header",
105
281
  "kind": 14,
106
282
  "detail": "Proxy header",
107
283
  "documentation": {
108
- "value": "Set or modify HTTP headers passed to the proxied server."
284
+ "value": "Set headers for the proxied request."
285
+ },
286
+ "insertText": "proxy_set_header ${1:X-Real-IP} \\$${2:remote_addr};",
287
+ "insertTextRules": 4,
288
+ "sortText": "02_proxy_header"
289
+ },
290
+ {
291
+ "label": "proxy_redirect",
292
+ "kind": 14,
293
+ "detail": "Proxy redirect rewrite",
294
+ "documentation": {
295
+ "value": "Rewrite the Location and Refresh headers from the backend."
296
+ },
297
+ "insertText": "proxy_redirect ${1:off};",
298
+ "insertTextRules": 4,
299
+ "sortText": "02_proxy_redirect"
300
+ },
301
+ {
302
+ "label": "proxy_cache",
303
+ "kind": 15,
304
+ "detail": "Proxy cache",
305
+ "documentation": {
306
+ "value": "Enable proxy response caching."
109
307
  },
110
- "insertText": "proxy_set_header ${1:Host} ${2:$host};",
308
+ "insertText": "proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=${1:my_cache}:10m max_size=1g inactive=60m;\n\nlocation / {\n proxy_cache ${1:my_cache};\n proxy_cache_valid 200 302 10m;\n proxy_cache_valid 404 1m;\n add_header X-Cache-Status \\$upstream_cache_status;\n proxy_pass http://${2:backend};\n}",
111
309
  "insertTextRules": 4,
112
- "sortText": "01_proxyheader"
310
+ "sortText": "02_proxy_cache"
113
311
  },
114
312
  {
115
- "label": "proxy headers (full)",
313
+ "label": "websocket proxy",
116
314
  "kind": 15,
117
- "detail": "Common proxy headers",
315
+ "detail": "WebSocket proxy",
118
316
  "documentation": {
119
- "value": "Commonly used proxy headers for reverse proxy setups."
317
+ "value": "Proxy WebSocket connections to a backend."
120
318
  },
121
- "insertText": "proxy_set_header Host $host;\nproxy_set_header X-Real-IP $remote_addr;\nproxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\nproxy_set_header X-Forwarded-Proto $scheme;",
319
+ "insertText": "location ${1:/ws} {\n proxy_pass http://${2:backend};\n proxy_http_version 1.1;\n proxy_set_header Upgrade \\$http_upgrade;\n proxy_set_header Connection \"upgrade\";\n proxy_set_header Host \\$host;\n proxy_read_timeout 86400s;\n proxy_send_timeout 86400s;\n}",
122
320
  "insertTextRules": 4,
123
- "sortText": "01_proxyheaders"
321
+ "sortText": "02_websocket"
124
322
  },
125
323
  {
126
324
  "label": "ssl_certificate",
127
325
  "kind": 14,
128
326
  "detail": "SSL certificate",
129
327
  "documentation": {
130
- "value": "Path to the SSL/TLS certificate file."
328
+ "value": "Path to the SSL certificate file."
131
329
  },
132
- "insertText": "ssl_certificate ${1:/etc/letsencrypt/live/example.com/fullchain.pem};",
330
+ "insertText": "ssl_certificate ${1:/etc/letsencrypt/live/example.com/fullchain.pem};",
133
331
  "insertTextRules": 4,
134
- "sortText": "02_sslcert"
332
+ "sortText": "03_ssl_cert"
135
333
  },
136
334
  {
137
335
  "label": "ssl_certificate_key",
138
336
  "kind": 14,
139
- "detail": "SSL certificate key",
337
+ "detail": "SSL private key",
140
338
  "documentation": {
141
- "value": "Path to the SSL/TLS private key file."
339
+ "value": "Path to the SSL private key file."
142
340
  },
143
341
  "insertText": "ssl_certificate_key ${1:/etc/letsencrypt/live/example.com/privkey.pem};",
144
342
  "insertTextRules": 4,
145
- "sortText": "02_sslkey"
343
+ "sortText": "03_ssl_key"
344
+ },
345
+ {
346
+ "label": "ssl full config",
347
+ "kind": 15,
348
+ "detail": "Full SSL configuration",
349
+ "documentation": {
350
+ "value": "Complete SSL/TLS hardened configuration."
351
+ },
352
+ "insertText": "ssl_certificate ${1:/etc/letsencrypt/live/example.com/fullchain.pem};\nssl_certificate_key ${2:/etc/letsencrypt/live/example.com/privkey.pem};\nssl_trusted_certificate ${3:/etc/letsencrypt/live/example.com/chain.pem};\n\nssl_protocols TLSv1.2 TLSv1.3;\nssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;\nssl_prefer_server_ciphers off;\n\nssl_session_cache shared:SSL:10m;\nssl_session_timeout 1d;\nssl_session_tickets off;\n\nssl_stapling on;\nssl_stapling_verify on;\nresolver 8.8.8.8 8.8.4.4 valid=300s;\nresolver_timeout 5s;",
353
+ "insertTextRules": 4,
354
+ "sortText": "03_ssl_full"
146
355
  },
147
356
  {
148
- "label": "return",
357
+ "label": "ssl_dhparam",
149
358
  "kind": 14,
150
- "detail": "Return response",
359
+ "detail": "DH parameters",
360
+ "documentation": {
361
+ "value": "Path to DH parameters file for forward secrecy."
362
+ },
363
+ "insertText": "ssl_dhparam ${1:/etc/ssl/certs/dhparam.pem};",
364
+ "insertTextRules": 4,
365
+ "sortText": "03_ssl_dhparam"
366
+ },
367
+ {
368
+ "label": "try_files",
369
+ "kind": 14,
370
+ "detail": "Try files",
151
371
  "documentation": {
152
- "value": "Return a specific HTTP status code and optional redirect URL."
372
+ "value": "Check file existence in order and use first found."
153
373
  },
154
- "insertText": "return ${1:301} ${2:https://$host$request_uri};",
374
+ "insertText": "try_files \\$uri \\$uri/ ${1:/index.html};",
155
375
  "insertTextRules": 4,
156
- "sortText": "02_return"
376
+ "sortText": "04_tryfiles"
377
+ },
378
+ {
379
+ "label": "try_files SPA",
380
+ "kind": 15,
381
+ "detail": "SPA fallback",
382
+ "documentation": {
383
+ "value": "Route all requests to index.html for single-page apps (React, Vue, Angular)."
384
+ },
385
+ "insertText": "location / {\n root ${1:/var/www/app/dist};\n try_files \\$uri \\$uri/ /index.html;\n}",
386
+ "insertTextRules": 4,
387
+ "sortText": "04_tryfiles_spa"
157
388
  },
158
389
  {
159
390
  "label": "rewrite",
160
391
  "kind": 14,
161
392
  "detail": "URL rewrite",
162
393
  "documentation": {
163
- "value": "Rewrite the request URI using a regex pattern."
394
+ "value": "Rewrite URIs using regex."
164
395
  },
165
- "insertText": "rewrite ${1:^/old/(.*)} ${2:/new/$1} ${3:permanent};",
396
+ "insertText": "rewrite ^/${1:old}/(.*) /${2:new}/\\$1 ${3:permanent};",
166
397
  "insertTextRules": 4,
167
- "sortText": "02_rewrite"
398
+ "sortText": "04_rewrite"
168
399
  },
169
400
  {
170
- "label": "try_files",
401
+ "label": "return redirect",
171
402
  "kind": 14,
172
- "detail": "Try files",
403
+ "detail": "Return redirect",
404
+ "documentation": {
405
+ "value": "Return a redirect response."
406
+ },
407
+ "insertText": "return ${1:301} ${2:https://\\$host\\$request_uri};",
408
+ "insertTextRules": 4,
409
+ "sortText": "04_return"
410
+ },
411
+ {
412
+ "label": "if condition",
413
+ "kind": 15,
414
+ "detail": "If directive",
415
+ "documentation": {
416
+ "value": "Conditional processing (use sparingly - 'if is evil' in nginx)."
417
+ },
418
+ "insertText": "if (\\$${1:request_uri} ${2:~*} ${3:\\.php$}) {\n ${4:return 403;}\n}",
419
+ "insertTextRules": 4,
420
+ "sortText": "04_if"
421
+ },
422
+ {
423
+ "label": "gzip",
424
+ "kind": 14,
425
+ "detail": "Enable gzip",
426
+ "documentation": {
427
+ "value": "Enable gzip compression."
428
+ },
429
+ "insertText": "gzip on;",
430
+ "insertTextRules": 4,
431
+ "sortText": "05_gzip"
432
+ },
433
+ {
434
+ "label": "gzip full config",
435
+ "kind": 15,
436
+ "detail": "Full gzip configuration",
437
+ "documentation": {
438
+ "value": "Complete gzip compression setup."
439
+ },
440
+ "insertText": "gzip on;\ngzip_vary on;\ngzip_proxied any;\ngzip_comp_level ${1:6};\ngzip_min_length 256;\ngzip_types\n text/plain\n text/css\n text/javascript\n application/javascript\n application/json\n application/xml\n application/xml+rss\n image/svg+xml\n font/woff2;",
441
+ "insertTextRules": 4,
442
+ "sortText": "05_gzip_full"
443
+ },
444
+ {
445
+ "label": "rate limiting",
446
+ "kind": 15,
447
+ "detail": "Rate limiting",
448
+ "documentation": {
449
+ "value": "Limit request rate per client IP."
450
+ },
451
+ "insertText": "# In http block:\nlimit_req_zone \\$binary_remote_addr zone=${1:api_limit}:10m rate=${2:10}r/s;\n\n# In location block:\nlimit_req zone=${1:api_limit} burst=${3:20} nodelay;\nlimit_req_status 429;",
452
+ "insertTextRules": 4,
453
+ "sortText": "05_ratelimit"
454
+ },
455
+ {
456
+ "label": "connection limiting",
457
+ "kind": 15,
458
+ "detail": "Connection limit",
459
+ "documentation": {
460
+ "value": "Limit concurrent connections per IP."
461
+ },
462
+ "insertText": "# In http block:\nlimit_conn_zone \\$binary_remote_addr zone=${1:conn_limit}:10m;\n\n# In server/location:\nlimit_conn ${1:conn_limit} ${2:10};",
463
+ "insertTextRules": 4,
464
+ "sortText": "05_connlimit"
465
+ },
466
+ {
467
+ "label": "security headers",
468
+ "kind": 15,
469
+ "detail": "Security headers",
470
+ "documentation": {
471
+ "value": "Comprehensive security headers for production."
472
+ },
473
+ "insertText": "add_header X-Frame-Options \"SAMEORIGIN\" always;\nadd_header X-Content-Type-Options \"nosniff\" always;\nadd_header X-XSS-Protection \"1; mode=block\" always;\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'\" always;\nadd_header Permissions-Policy \"camera=(), microphone=(), geolocation=()\" always;\nadd_header Strict-Transport-Security \"max-age=63072000; includeSubDomains; preload\" always;",
474
+ "insertTextRules": 4,
475
+ "sortText": "06_security"
476
+ },
477
+ {
478
+ "label": "add_header HSTS",
479
+ "kind": 14,
480
+ "detail": "HSTS header",
173
481
  "documentation": {
174
- "value": "Check for file existence in order and serve the first match."
482
+ "value": "HTTP Strict Transport Security."
175
483
  },
176
- "insertText": "try_files $uri $uri/ ${1:=404};",
484
+ "insertText": "add_header Strict-Transport-Security \"max-age=63072000; includeSubDomains; preload\" always;",
177
485
  "insertTextRules": 4,
178
- "sortText": "02_tryfiles"
486
+ "sortText": "06_hsts"
487
+ },
488
+ {
489
+ "label": "add_header CSP",
490
+ "kind": 14,
491
+ "detail": "Content Security Policy",
492
+ "documentation": {
493
+ "value": "Content-Security-Policy header."
494
+ },
495
+ "insertText": "add_header Content-Security-Policy \"${1:default-src 'self'; script-src 'self'}\" always;",
496
+ "insertTextRules": 4,
497
+ "sortText": "06_csp"
498
+ },
499
+ {
500
+ "label": "add_header CORS",
501
+ "kind": 15,
502
+ "detail": "CORS headers",
503
+ "documentation": {
504
+ "value": "Cross-Origin Resource Sharing headers."
505
+ },
506
+ "insertText": "add_header Access-Control-Allow-Origin \"${1:*}\";\nadd_header Access-Control-Allow-Methods \"GET, POST, PUT, DELETE, OPTIONS\";\nadd_header Access-Control-Allow-Headers \"Authorization, Content-Type, Accept\";\nadd_header Access-Control-Max-Age 86400;\n\nif (\\$request_method = OPTIONS) {\n return 204;\n}",
507
+ "insertTextRules": 4,
508
+ "sortText": "06_cors"
179
509
  },
180
510
  {
181
511
  "label": "access_log",
182
512
  "kind": 14,
183
513
  "detail": "Access log",
184
514
  "documentation": {
185
- "value": "Set the path for the access log file."
515
+ "value": "Configure access logging."
186
516
  },
187
517
  "insertText": "access_log ${1:/var/log/nginx/access.log};",
188
518
  "insertTextRules": 4,
189
- "sortText": "03_accesslog"
519
+ "sortText": "07_access_log"
520
+ },
521
+ {
522
+ "label": "access_log JSON",
523
+ "kind": 15,
524
+ "detail": "JSON access log",
525
+ "documentation": {
526
+ "value": "JSON-formatted access log for log aggregation."
527
+ },
528
+ "insertText": "log_format json_combined escape=json\n '{\"time\":\"\\$time_iso8601\",'\n '\"remote_addr\":\"\\$remote_addr\",'\n '\"request\":\"\\$request\",'\n '\"status\":\"\\$status\",'\n '\"body_bytes_sent\":\"\\$body_bytes_sent\",'\n '\"request_time\":\"\\$request_time\",'\n '\"upstream_response_time\":\"\\$upstream_response_time\",'\n '\"http_user_agent\":\"\\$http_user_agent\"}';\n\naccess_log /var/log/nginx/access.json json_combined;",
529
+ "insertTextRules": 4,
530
+ "sortText": "07_access_json"
190
531
  },
191
532
  {
192
533
  "label": "error_log",
193
534
  "kind": 14,
194
535
  "detail": "Error log",
195
536
  "documentation": {
196
- "value": "Set the path and level for the error log."
537
+ "value": "Configure error logging."
197
538
  },
198
539
  "insertText": "error_log ${1:/var/log/nginx/error.log} ${2:warn};",
199
540
  "insertTextRules": 4,
200
- "sortText": "03_errorlog"
541
+ "sortText": "07_error_log"
201
542
  },
202
543
  {
203
- "label": "gzip",
544
+ "label": "access_log off",
204
545
  "kind": 14,
205
- "detail": "Enable gzip",
546
+ "detail": "Disable access log",
206
547
  "documentation": {
207
- "value": "Enable gzip compression for responses."
548
+ "value": "Disable access logging for a location."
208
549
  },
209
- "insertText": "gzip on;\ngzip_types text/plain text/css application/json application/javascript text/xml;",
550
+ "insertText": "access_log off;",
210
551
  "insertTextRules": 4,
211
- "sortText": "03_gzip"
552
+ "sortText": "07_access_off"
553
+ },
554
+ {
555
+ "label": "PHP-FPM location",
556
+ "kind": 15,
557
+ "detail": "PHP-FPM handler",
558
+ "documentation": {
559
+ "value": "Process PHP files through PHP-FPM."
560
+ },
561
+ "insertText": "location ~ \\.php$ {\n include fastcgi_params;\n fastcgi_pass unix:/run/php/php${1:8.2}-fpm.sock;\n fastcgi_param SCRIPT_FILENAME \\$document_root\\$fastcgi_script_name;\n fastcgi_index index.php;\n fastcgi_intercept_errors on;\n fastcgi_buffer_size 16k;\n fastcgi_buffers 4 16k;\n}",
562
+ "insertTextRules": 4,
563
+ "sortText": "08_phpfpm"
564
+ },
565
+ {
566
+ "label": "fastcgi_pass",
567
+ "kind": 14,
568
+ "detail": "FastCGI pass",
569
+ "documentation": {
570
+ "value": "Pass request to a FastCGI server."
571
+ },
572
+ "insertText": "fastcgi_pass unix:${1:/run/php/php8.2-fpm.sock};",
573
+ "insertTextRules": 4,
574
+ "sortText": "08_fastcgi"
212
575
  },
213
576
  {
214
577
  "label": "client_max_body_size",
215
578
  "kind": 14,
216
- "detail": "Max body size",
579
+ "detail": "Max upload size",
217
580
  "documentation": {
218
- "value": "Set the maximum allowed size of the client request body."
581
+ "value": "Set maximum request body (upload) size."
219
582
  },
220
- "insertText": "client_max_body_size ${1:10M};",
583
+ "insertText": "client_max_body_size ${1:50}m;",
221
584
  "insertTextRules": 4,
222
- "sortText": "03_bodysize"
585
+ "sortText": "09_body_size"
223
586
  },
224
587
  {
225
- "label": "http to https redirect",
588
+ "label": "client_body_timeout",
589
+ "kind": 14,
590
+ "detail": "Body read timeout",
591
+ "documentation": {
592
+ "value": "Timeout for reading the client request body."
593
+ },
594
+ "insertText": "client_body_timeout ${1:60}s;",
595
+ "insertTextRules": 4,
596
+ "sortText": "09_body_timeout"
597
+ },
598
+ {
599
+ "label": "keepalive_timeout",
600
+ "kind": 14,
601
+ "detail": "Keepalive timeout",
602
+ "documentation": {
603
+ "value": "Set the keep-alive connection timeout."
604
+ },
605
+ "insertText": "keepalive_timeout ${1:65}s;",
606
+ "insertTextRules": 4,
607
+ "sortText": "09_keepalive"
608
+ },
609
+ {
610
+ "label": "sendfile",
611
+ "kind": 14,
612
+ "detail": "Sendfile",
613
+ "documentation": {
614
+ "value": "Enable kernel-level file sending (zero-copy)."
615
+ },
616
+ "insertText": "sendfile on;\ntcp_nopush on;\ntcp_nodelay on;",
617
+ "insertTextRules": 4,
618
+ "sortText": "09_sendfile"
619
+ },
620
+ {
621
+ "label": "worker_processes",
622
+ "kind": 14,
623
+ "detail": "Worker processes",
624
+ "documentation": {
625
+ "value": "Number of worker processes — use auto for CPU count."
626
+ },
627
+ "insertText": "worker_processes ${1:auto};",
628
+ "insertTextRules": 4,
629
+ "sortText": "09_workers"
630
+ },
631
+ {
632
+ "label": "worker_connections",
633
+ "kind": 14,
634
+ "detail": "Worker connections",
635
+ "documentation": {
636
+ "value": "Maximum simultaneous connections per worker."
637
+ },
638
+ "insertText": "worker_connections ${1:1024};",
639
+ "insertTextRules": 4,
640
+ "sortText": "09_worker_conn"
641
+ },
642
+ {
643
+ "label": "expires",
644
+ "kind": 14,
645
+ "detail": "Cache expiry",
646
+ "documentation": {
647
+ "value": "Set browser cache expiry for static assets."
648
+ },
649
+ "insertText": "expires ${1:30d};\nadd_header Cache-Control \"public, immutable\";",
650
+ "insertTextRules": 4,
651
+ "sortText": "10_expires"
652
+ },
653
+ {
654
+ "label": "static files cache",
226
655
  "kind": 15,
227
- "detail": "HTTP to HTTPS redirect",
656
+ "detail": "Static file caching",
228
657
  "documentation": {
229
- "value": "Redirect all HTTP traffic to HTTPS."
658
+ "value": "Cache static files with aggressive settings."
230
659
  },
231
- "insertText": "server {\n listen 80;\n server_name ${1:example.com};\n return 301 https://$host$request_uri;\n}",
660
+ "insertText": "location ~* \\.(css|js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {\n expires 1y;\n add_header Cache-Control \"public, immutable\";\n access_log off;\n log_not_found off;\n}",
232
661
  "insertTextRules": 4,
233
- "sortText": "04_redirect"
662
+ "sortText": "10_static_cache"
234
663
  },
235
664
  {
236
- "label": "websocket proxy",
665
+ "label": "allow deny",
237
666
  "kind": 15,
238
- "detail": "WebSocket proxy config",
667
+ "detail": "IP access control",
239
668
  "documentation": {
240
- "value": "Configure nginx to proxy WebSocket connections."
669
+ "value": "Allow or deny access based on IP."
241
670
  },
242
- "insertText": "location ${1:/ws} {\n proxy_pass http://${2:localhost:3000};\n proxy_http_version 1.1;\n proxy_set_header Upgrade $http_upgrade;\n proxy_set_header Connection \"upgrade\";\n}",
671
+ "insertText": "allow ${1:192.168.1.0/24};\ndeny all;",
243
672
  "insertTextRules": 4,
244
- "sortText": "04_websocket"
673
+ "sortText": "11_allow_deny"
245
674
  },
246
675
  {
247
- "label": "rate limiting",
676
+ "label": "basic auth",
248
677
  "kind": 15,
249
- "detail": "Rate limit zone",
678
+ "detail": "Basic authentication",
250
679
  "documentation": {
251
- "value": "Define and apply a rate limiting zone."
680
+ "value": "HTTP Basic authentication."
252
681
  },
253
- "insertText": "limit_req_zone $binary_remote_addr zone=${1:mylimit}:10m rate=${2:10r/s};",
682
+ "insertText": "auth_basic \"${1:Restricted Area}\";\nauth_basic_user_file ${2:/etc/nginx/.htpasswd};",
254
683
  "insertTextRules": 4,
255
- "sortText": "04_ratelimit"
684
+ "sortText": "11_basic_auth"
256
685
  },
257
686
  {
258
- "label": "add_header",
687
+ "label": "include",
259
688
  "kind": 14,
260
- "detail": "Add response header",
689
+ "detail": "Include config",
261
690
  "documentation": {
262
- "value": "Add a custom header to the response."
691
+ "value": "Include another configuration file or files."
263
692
  },
264
- "insertText": "add_header ${1:X-Frame-Options} ${2:SAMEORIGIN};",
693
+ "insertText": "include ${1:/etc/nginx/conf.d/*.conf};",
265
694
  "insertTextRules": 4,
266
- "sortText": "03_addheader"
695
+ "sortText": "12_include"
267
696
  },
268
697
  {
269
- "label": "expires",
698
+ "label": "include mime.types",
270
699
  "kind": 14,
271
- "detail": "Cache expiry",
700
+ "detail": "Include MIME types",
701
+ "documentation": {
702
+ "value": "Include the MIME types mapping file."
703
+ },
704
+ "insertText": "include mime.types;\ndefault_type application/octet-stream;",
705
+ "insertTextRules": 4,
706
+ "sortText": "12_include_mime"
707
+ },
708
+ {
709
+ "label": "set variable",
710
+ "kind": 14,
711
+ "detail": "Set variable",
712
+ "documentation": {
713
+ "value": "Set a custom variable."
714
+ },
715
+ "insertText": "set \\$${1:var} ${2:value};",
716
+ "insertTextRules": 4,
717
+ "sortText": "13_set"
718
+ },
719
+ {
720
+ "label": "Node.js reverse proxy",
721
+ "kind": 15,
722
+ "detail": "Node.js app config",
723
+ "documentation": {
724
+ "value": "Production reverse proxy for a Node.js application."
725
+ },
726
+ "insertText": "server {\n listen 80;\n server_name ${1:api.example.com};\n\n location / {\n proxy_pass http://127.0.0.1:${2:3000};\n proxy_http_version 1.1;\n proxy_set_header Upgrade \\$http_upgrade;\n proxy_set_header Connection 'upgrade';\n proxy_set_header Host \\$host;\n proxy_set_header X-Real-IP \\$remote_addr;\n proxy_set_header X-Forwarded-For \\$proxy_add_x_forwarded_for;\n proxy_set_header X-Forwarded-Proto \\$scheme;\n proxy_cache_bypass \\$http_upgrade;\n }\n}",
727
+ "insertTextRules": 4,
728
+ "sortText": "14_nodejs"
729
+ },
730
+ {
731
+ "label": "Laravel / PHP app",
732
+ "kind": 15,
733
+ "detail": "Laravel config",
734
+ "documentation": {
735
+ "value": "Nginx configuration for Laravel or PHP frameworks."
736
+ },
737
+ "insertText": "server {\n listen 80;\n server_name ${1:example.com};\n root /var/www/${1:example.com}/public;\n\n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options \"nosniff\";\n\n index index.php;\n charset utf-8;\n\n location / {\n try_files \\$uri \\$uri/ /index.php?\\$query_string;\n }\n\n location = /favicon.ico { access_log off; log_not_found off; }\n location = /robots.txt { access_log off; log_not_found off; }\n\n error_page 404 /index.php;\n\n location ~ \\.php$ {\n fastcgi_pass unix:/run/php/php${2:8.2}-fpm.sock;\n fastcgi_param SCRIPT_FILENAME \\$realpath_root\\$fastcgi_script_name;\n include fastcgi_params;\n }\n\n location ~ /\\.(?!well-known).* {\n deny all;\n }\n}",
738
+ "insertTextRules": 4,
739
+ "sortText": "14_laravel"
740
+ },
741
+ {
742
+ "label": "WordPress config",
743
+ "kind": 15,
744
+ "detail": "WordPress config",
745
+ "documentation": {
746
+ "value": "Nginx configuration for WordPress."
747
+ },
748
+ "insertText": "server {\n listen 80;\n server_name ${1:example.com};\n root /var/www/wordpress;\n\n index index.php;\n\n location / {\n try_files \\$uri \\$uri/ /index.php?\\$args;\n }\n\n location ~ \\.php$ {\n include fastcgi_params;\n fastcgi_pass unix:/run/php/php${2:8.2}-fpm.sock;\n fastcgi_param SCRIPT_FILENAME \\$document_root\\$fastcgi_script_name;\n }\n\n location ~* \\.(js|css|png|jpg|jpeg|gif|ico|svg)$ {\n expires 30d;\n log_not_found off;\n }\n\n location ~ /\\. {\n deny all;\n }\n\n location = /xmlrpc.php {\n deny all;\n }\n}",
749
+ "insertTextRules": 4,
750
+ "sortText": "14_wordpress"
751
+ },
752
+ {
753
+ "label": "nginx.conf main",
754
+ "kind": 15,
755
+ "detail": "Main nginx.conf",
272
756
  "documentation": {
273
- "value": "Set the Expires header and Cache-Control max-age for static assets."
757
+ "value": "Complete top-level nginx.conf template."
274
758
  },
275
- "insertText": "expires ${1:30d};",
759
+ "insertText": "user ${1:www-data};\nworker_processes auto;\npid /run/nginx.pid;\nerror_log /var/log/nginx/error.log warn;\n\nevents {\n worker_connections 1024;\n multi_accept on;\n}\n\nhttp {\n include mime.types;\n default_type application/octet-stream;\n\n log_format main '\\$remote_addr - \\$remote_user [\\$time_local] \"\\$request\" '\n '\\$status \\$body_bytes_sent \"\\$http_referer\" '\n '\"\\$http_user_agent\"';\n access_log /var/log/nginx/access.log main;\n\n sendfile on;\n tcp_nopush on;\n tcp_nodelay on;\n keepalive_timeout 65;\n types_hash_max_size 2048;\n client_max_body_size 50m;\n\n gzip on;\n gzip_vary on;\n gzip_types text/plain text/css application/json application/javascript text/xml;\n\n include /etc/nginx/conf.d/*.conf;\n include /etc/nginx/sites-enabled/*;\n}",
276
760
  "insertTextRules": 4,
277
- "sortText": "03_expires"
761
+ "sortText": "14_main"
278
762
  }
279
763
  ]
280
764
  }